Skip to Content

Computer Encryption Program

Expand or Collapse all.

More about Texas State's encryption efforts

Data encryption reduces the risk of exposing confidential data through stolen or lost equipment. This effort implements full-disk encryption solutions that meet industry and State of Texas Administrative Code (TAC 202) standards.

It is everyone’s responsibility to protect and secure data stored on these devices from unauthorized or unintentional data exposure. By encrypting and protecting university-owned computers, Texas State is adopting an industry best practice that lessens the risk of data exposure without the need to determine if confidential information was present on a missing computer. In other words, if we can prove that the data was protected, we can be sure that the data does not get into the wrong hands. Furthermore, with computer encryption, we can also remotely remove protected data from the device.

In a 2010 study, 46 percent of lost computers contained confidential data; only 30 percent of those systems were encrypted; and only 10 percent had other anti-theft technologies (See The Billion Dollar Lost Laptop Study PDF, Ponemon Institute and Intel Corp). According to the FBI and the insurance institutes, computers are the number one stolen item in the United States with approximately 1,800 stolen per day across the country.

Additionally, the Texas State Computer Encryption Program will address State of Texas mandates found in the Texas Administrative Code, Title 1, Part 10, Chapter 202, Subchapter C, Rule §202.75 and UPPS 04.01.01: Security of Texas State Information Resources.

Windows Computers

BitLocker drive encryption

BitLocker Drive Encryption Icon

Mac Computers

FileVault 2 full-disk encryption

FileVault icon

BitLocker and FileVault 2 are enabled when at rest, provide minimal impact to the computer owner, and are highly rated in the encryption industry. 

Computer Encryption Adoption Plan

ITAC works to ensure compliance through these methods:

  • Computer Replacement Program (CRP) - All new CRP computers are encrypted prior to delivery.
  • Department Funded Purchase (DFP) - All new DFP computers delivered by ITAC are encrypted prior to delivery.
  • Re-imaged computers - All computers re-imaged by ITAC are encrypted; TSPs who re-image previously encrypted computers should work with ITAC to encrypt computers after re-imaging them.
  • Computer repairs - All computers repaired by ITAC are encrypted.

The only exceptions to these practices occur when an approved Texas State Device Encryption Exception Request form is on file with ITAC.

Computer Encryption Policies

Important compliance factors

  • Unless there is an approved Texas State Device Encryption Exception form (PDF) on file, encryption should be installed and activated on Texas State-owned computers.
  • Once encryption is installed by ITAC, if that computer needs to be re-imaged or have a new operating system installed, the Encryption Re-image Process must be followed.
  • The computer must remain encrypted at all times.

Protecting data via computer encryption is everyone's responsibility.